2e94eac4aaf8f8007305e70e63d20d42f4a7ab70d7b3ff5e3b18bc486c4bfe30 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b437d0616cecc7afda4e61685df44450.exe
Size

324KB
Sample

231114-3cvyzsgd79
MD5

b437d0616cecc7afda4e61685df44450
SHA1

7234a738943575a13a6515bee1c3ddd991bdbc1e
SHA256

2e94eac4aaf8f8007305e70e63d20d42f4a7ab70d7b3ff5e3b18bc486c4bfe30
SHA512

cf4c20f846b1292c2b146cc8f4114bcc7c9587b15fb2b66b39bdb5cdbd34fc776bfaba876f3ea8ac70b24bbb1569677588e39541b2a9a4f2c0967b716d67542a
SSDEEP

6144:HM0/DqbQzd5IF6rfBBcVPINRFYpfZvT6zAWq6JMf3us8ws:H//Dtp5IFy5BcVPINRFYpfZvTmAWqeM2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b437d0616cecc7afda4e61685df44450.exe
- Size
  
  324KB
- MD5
  
  b437d0616cecc7afda4e61685df44450
- SHA1
  
  7234a738943575a13a6515bee1c3ddd991bdbc1e
- SHA256
  
  2e94eac4aaf8f8007305e70e63d20d42f4a7ab70d7b3ff5e3b18bc486c4bfe30
- SHA512
  
  cf4c20f846b1292c2b146cc8f4114bcc7c9587b15fb2b66b39bdb5cdbd34fc776bfaba876f3ea8ac70b24bbb1569677588e39541b2a9a4f2c0967b716d67542a
- SSDEEP
  
  6144:HM0/DqbQzd5IF6rfBBcVPINRFYpfZvT6zAWq6JMf3us8ws:H//Dtp5IFy5BcVPINRFYpfZvTmAWqeM2
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2